Do Not Trust Google Instant Previews Security Wise

For a few months now Instant Previews has been part of the Google search engine. The feature is triggered with a click on one of the magnifying glasses displayed on search results pages and works from then on on that page just by hovering over a search result. The image displays a visual representation of the website linked in the search results which supposedly should give search engine users an option to compare results and pinpoint relevant content.

The problem? The screenshots are not updated in realtime which means that the content shown on a screenshot of the website and the actual contents on that website may be different. The screenshot for Ghack's homepage for instance shows articles from yesterday and not today even though the actual homepage offers fresher contents.

While that's usually not a problem on legit websites it does mean that criminals can use the feature to lure the user into visiting the website. This is done by creating a legit looking article first, waiting for it to be indexed by Google before editing the contents of the page to displays a page full of ads, malicious contents or scareware to the user.

Instant Previews' usefulness is severely reduced by the delay between page updates and updates of the Instant Preview feature in Google Search. It is not only worth considering from a security standpoint. The ability to "compare results and pinpoint relevant content" is obviously also reduced by that fact.

Advertisement